View previous topic :: View next topic |
Author |
Message |
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Fri May 27, 2016 7:46 am Post subject: ssh too slow |
|
|
Hi,
my ssh too slow ...
my version is :
~ # eix -e openssh
[I] net-misc/openssh
Available versions: 7.1_p1-r2 7.1_p1-r3 7.1_p2 ~7.1_p2-r1 ~7.2_p1 7.2_p2 {X X509 bindist debug (+)hpn kerberos ldap ldns libedit libressl pam +pie sctp selinux skey ssh1 +ssl static KERNEL="linux"}
Installed versions: 7.2_p2(12:51:52 25/05/2016)(X bindist ldap pam pie ssl -X509 -debug -hpn -kerberos -ldns -libedit -libressl -sctp -selinux -skey -ssh1 -static KERNEL="linux")
Homepage: http://www.openssh.org/
Description: Port of OpenBSD's free SSH release
I tried old version but the same.
I don't have mount nfs or samba
~ # df -aH
File system Dim. Usati Dispon. Uso% Montato su
rootfs - - - - /
proc 0 0 0 - /proc
udev 11M 4,1k 11M 1% /dev
devpts 0 0 0 - /dev/pts
sysfs 0 0 0 - /sys
/dev/sdb5 317G 159G 143G 53% /
tmpfs 2,7G 1,6M 2,7G 1% /run
mqueue 0 0 0 - /dev/mqueue
shm 14G 54k 14G 1% /dev/shm
configfs 0 0 0 - /sys/kernel/config
fusectl 0 0 0 - /sys/fs/fuse/connections
cgroup_root 11M 0 11M 0% /sys/fs/cgroup
openrc 0 0 0 - /sys/fs/cgroup/openrc
cpuset 0 0 0 - /sys/fs/cgroup/cpuset
cpuacct 0 0 0 - /sys/fs/cgroup/cpuacct
/dev/sdb6 53G 75M 50G 1% /tmp
/dev/sdb7 53G 12G 39G 24% /var
/dev/sdb9 1,6T 1,3T 207G 87% /home
binfmt_misc 0 0 0 - /proc/sys/fs/binfmt_misc
rpc_pipefs 0 0 0 - /var/lib/nfs/rpc_pipefs
nfsd 0 0 0 - /proc/fs/nfsd
house ~ #
Is not a DNS problem if I am in my computer where is the problem :
I put "UseDNS No"
or
~ $ time ssh localhost id -u
The authenticity of host 'localhost (::1)' can't be established.
ED25519 key fingerprint is
SHA256:mv689l6snBLmlum+rFKqJkTZ7BXWOsz36Jkn8CEdcx4.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ED25519) to the list of known
hosts.
Password:
Warning: untrusted X11 forwarding setup failed: xauth key data not
generated
2000
real 0m43.806s
user 0m0.020s
sys 0m0.000s
~ $
I tried :
ssh -vvv house :
...
Password:
debug3: packet_send2: adding 16 (len 36 padlen 12 extra_pad 64)
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 0
debug3: packet_send2: adding 48 (len 6 padlen 10 extra_pad 64)
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to house ([10.10.1.2]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
block here :
debug1: client_input_global_request: rtype hostkeys-00@openssh.com
want_reply 0
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
I tried do :]
strace -f -o a.log -tt -T ssh -v house id -u
...
26482 16:45:11.931670 write(2, "debug1: Entering interactive ses"...,
39) = 39 <0.000024>
26482 16:45:11.931761 rt_sigaction(SIGHUP, NULL, {SIG_DFL, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000020>
26482 16:45:11.931880 rt_sigaction(SIGHUP, {SIG_IGN, [], SA_RESTORER,
0x7f3dd1311d40}, NULL, = 0 <0.000062>
26482 16:45:11.932199 rt_sigaction(SIGHUP, NULL, {SIG_IGN, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000020>
26482 16:45:11.932287 rt_sigaction(SIGHUP, {0x7f3dd2754940, [],
SA_RESTORER, 0x7f3dd1311d40}, NULL, = 0 <0.000020>
26482 16:45:11.932365 rt_sigaction(SIGINT, NULL, {SIG_DFL, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000020>
26482 16:45:11.932442 rt_sigaction(SIGINT, {SIG_IGN, [], SA_RESTORER,
0x7f3dd1311d40}, NULL, = 0 <0.000020>
26482 16:45:11.932520 rt_sigaction(SIGINT, NULL, {SIG_IGN, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000021>
26482 16:45:11.932596 rt_sigaction(SIGINT, {0x7f3dd2754940, [],
SA_RESTORER, 0x7f3dd1311d40}, NULL, = 0 <0.000021>
26482 16:45:11.932674 rt_sigaction(SIGQUIT, NULL, {SIG_DFL, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000020>
26482 16:45:11.932750 rt_sigaction(SIGQUIT, {SIG_IGN, [], SA_RESTORER,
0x7f3dd1311d40}, NULL, = 0 <0.000021>
26482 16:45:11.932826 rt_sigaction(SIGQUIT, NULL, {SIG_IGN, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000020>
26482 16:45:11.932902 rt_sigaction(SIGQUIT, {0x7f3dd2754940, [],
SA_RESTORER, 0x7f3dd1311d40}, NULL, = 0 <0.000021>
26482 16:45:11.932999 rt_sigaction(SIGTERM, NULL, {SIG_DFL, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000009>
26482 16:45:11.933056 rt_sigaction(SIGTERM, {SIG_IGN, [], SA_RESTORER,
0x7f3dd1311d40}, NULL, = 0 <0.000009>
26482 16:45:11.933088 rt_sigaction(SIGTERM, NULL, {SIG_IGN, [],
SA_RESTORER, 0x7f3dd1311d40}, = 0 <0.000006>
26482 16:45:11.933116 rt_sigaction(SIGTERM, {0x7f3dd2754940, [],
SA_RESTORER, 0x7f3dd1311d40}, NULL, = 0 <0.000007>
26482 16:45:11.933144 rt_sigaction(SIGWINCH, NULL, {SIG_DFL, [], 0},
= 0 <0.000006>
26482 16:45:11.933172 rt_sigaction(SIGWINCH, {0x7f3dd2754bc0, [],
SA_RESTORER, 0x7f3dd1311d40}, NULL, = 0 <0.000006>
26482 16:45:11.933206 select(7, [3], [3], NULL, NULL) = 1 (out [3])
<0.000008>
26482 16:45:11.933243 write(3, "\0\0\0 q.\343\347\322\302t\302\32%\350
\240\364\t<\253Vz\231\235\32\305\363\30\365\30\222"..., 128) = 128
<0.000018>
26482 16:45:11.933287 select(7, [3], [], NULL, NULL) = 1 (in [3])
<25.029930>
26482 16:45:36.963300 read(3,
"\0\0\0030\212\r\177\370\21\273\340\355q_\220\3360\16\rX\203\374%\16\204\314<\363wk\257\264"...,
8192) = 840 <0.000011>
26482 16:45:36.963380 write(2, "debug1: client_input_global_requ"...,
81) = 81 <0.000013>
26482 16:45:36.963419 select(7, [3], [], NULL, NULL) = 1 (in [3])
<0.039314>
26482 16:45:37.002862 read(3, "\0\0\0
\262;mI\267;\325J\222f\323\31\247\241\307\0{\303\232\0001\366\273\377\17]\35?"...,
8192) = 56 <0.000048>
26482 16:45:37.003056 getsockopt(3, SOL_TCP, TCP_NODELAY, [0], [4]) =
0 <0.000038>
..
I think it's happened since the last update
Ihave no idea !!! HELP ME !!! _________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
chiefbag Guru
Joined: 01 Oct 2010 Posts: 542 Location: The Kingdom
|
Posted: Fri May 27, 2016 8:55 am Post subject: |
|
|
Try the following commands, It will copy your local pub key to authorized_keys then time the local ssh command
Code: | cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
time ssh localhost 'exit'
|
|
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Fri May 27, 2016 9:02 am Post subject: |
|
|
chiefbag wrote: | Try the following commands, It will copy your local pub key to authorized_keys then time the local ssh command
Code: | cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
time ssh localhost 'exit'
|
|
I do it :
~ $ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
~ $ time ssh localhost 'exit'
real 0m25.159s
user 0m0.020s
sys 0m0.000s
~ $
_________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
pilla Bodhisattva
Joined: 07 Aug 2002 Posts: 7729 Location: Underworld
|
Posted: Fri May 27, 2016 11:00 am Post subject: |
|
|
Code: | Warning: untrusted X11 forwarding setup failed: xauth key data not
generated
|
It looks like your setup is trying to do X11 forwarding. Try to run with the "-x" and the "-Y" flags, in two different attempts.
Then, if it is any better, verify if you have xauth installed. _________________ "I'm just very selective about the reality I choose to accept." -- Calvin |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Fri May 27, 2016 12:28 pm Post subject: |
|
|
pilla wrote: | Code: | Warning: untrusted X11 forwarding setup failed: xauth key data not
generated
|
It looks like your setup is trying to do X11 forwarding. Try to run with the "-x" and the "-Y" flags, in two different attempts.
Then, if it is any better, verify if you have xauth installed. |
I do this :
~ $ time ssh localhost exit
real 0m25.233s
user 0m0.020s
sys 0m0.000s
~ $ time ssh -Y localhost exit
real 0m25.192s
user 0m0.030s
sys 0m0.000s
~ $ time ssh -x localhost exit
real 0m25.182s
user 0m0.020s
sys 0m0.000s
~ $
My sshd.conf :
PermitRootLogin yes
AllowUsers root me ...
PasswordAuthentication yes
UsePAM yes
X11Forwarding yes
PrintMotd no
PrintLastLog no
UseDNS no
Subsystem sftp /usr/lib64/misc/sftp-server
_________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
pilla Bodhisattva
Joined: 07 Aug 2002 Posts: 7729 Location: Underworld
|
Posted: Fri May 27, 2016 12:41 pm Post subject: |
|
|
Change this line to "no" and then restart sshd.
Have you checked for xauth? _________________ "I'm just very selective about the reality I choose to accept." -- Calvin |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Fri May 27, 2016 1:44 pm Post subject: |
|
|
pilla wrote: | Change this line to "no" and then restart sshd.
|
I did :
~ $ time ssh localhost 'exit'
real 0m25.186s
user 0m0.020s
sys 0m0.000s
pilla wrote: |
Have you checked for xauth? |
Yes I have :
Code: | [I] x11-apps/xauth
Available versions: 1.0.9-r1^t 1.0.9-r2 {ipv6}
Installed versions: 1.0.9-r2(17:41:13 12/01/2016)(ipv6)
Homepage: http://xorg.freedesktop.org/
Description: X authority file utility
|
_________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
pilla Bodhisattva
Joined: 07 Aug 2002 Posts: 7729 Location: Underworld
|
Posted: Fri May 27, 2016 8:21 pm Post subject: |
|
|
Please try the flag "-4" to avoid IPv6 name resolution. _________________ "I'm just very selective about the reality I choose to accept." -- Calvin |
|
Back to top |
|
|
Syl20 l33t
Joined: 04 Aug 2005 Posts: 619 Location: France
|
Posted: Mon May 30, 2016 10:58 am Post subject: |
|
|
Do you use PAM "network-related" modules, like pam_ldap, pam_winbind, or pam_sss ? |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Tue May 31, 2016 12:31 pm Post subject: |
|
|
pilla wrote: | Please try the flag "-4" to avoid IPv6 name resolution. |
Code: | ~ # cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
~# |
still slow
Tomorrow I will be a reboot maybe it will work _________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Tue May 31, 2016 12:35 pm Post subject: |
|
|
Syl20 wrote: | Do you use PAM "network-related" modules, like pam_ldap, pam_winbind, or pam_sss ? |
How can I know this ?
Code: |
[I] sys-auth/pambase
Available versions: 20101024-r2^b 20120417-r3^b ~20140313^b 20150213^b {consolekit cracklib debug gnome-keyring minimal mktemp +nullok pam_krb5 pam_ssh passwdqc securetty selinux +sha512 systemd}
Installed versions: 20150213^b(10:34:14 23/11/2015)(consolekit cracklib nullok sha512 |
Code: | [I] sys-libs/pam
Available versions: 1.2.1 ~1.2.1-r1 ~1.3.0 {audit berkdb cracklib debug +filecaps nis nls +pie selinux test vim-syntax ABI_MIPS="n32 n64 o32" ABI_PPC="32 64" ABI_S390="32 64" ABI_X86="32 64 x32"}
Installed versions: 1.2.1(10:23:25 23/11/2015)(berkdb cracklib nls pie vim |
_________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Wed Jun 01, 2016 5:59 am Post subject: |
|
|
eleaffar wrote: | pilla wrote: | Please try the flag "-4" to avoid IPv6 name resolution. |
Code: | ~ # cat /proc/sys/net/ipv6/conf/all/disable_ipv6
1
~# |
still slow
Tomorrow I will be a reboot maybe it will work |
Yesterday I did an photocopy hot machine, with rsync ... It works correctly.
So today a reboot my computer and It works ... why ? _________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
Syl20 l33t
Joined: 04 Aug 2005 Posts: 619 Location: France
|
Posted: Wed Jun 01, 2016 1:03 pm Post subject: |
|
|
eleaffar wrote: | Syl20 wrote: | Do you use PAM "network-related" modules, like pam_ldap, pam_winbind, or pam_sss ? |
How can I know this ? |
I think that if you don't know, you certainly don't use them. Some greps on /etc/pam/d/* will show you.
Quote: | So today a reboot my computer and It works ... why ? |
New kernel ? New sysctl options ? New SSH config ? Glibc update ?
Did you reboot your system after disabling ipv6 ? |
|
Back to top |
|
|
Jim6 Tux's lil' helper
Joined: 08 Apr 2005 Posts: 102
|
Posted: Sun Jun 26, 2016 4:25 pm Post subject: |
|
|
Thank you for this thread!
Same problem here -- ssh consistently had a 25second delay before connections would succeed.
Like you, I had "UsePam yes" in my sshd config. Flipping it to "no" & restarting sshd resolved the problem.
The system's uptime is 2 months, so it's possible that rebooting would also have resolved.
Neither pambase nor openssh have been upgraded since the machine was last rebooted. |
|
Back to top |
|
|
eleaffar n00b
Joined: 09 May 2011 Posts: 43
|
Posted: Thu Jun 30, 2016 9:34 am Post subject: |
|
|
After the reboot all is ok, but 5 days later the problem return.
I think that the problem is an my mistake of compiling the consolekit .
In fact it goes crazy
I'm waiting to put SOLVE _________________ Ho visto il film Memento ... non me lo ricordo ! |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|